Move trustee-related code to its own module

3a4dca8a · Stephane Glondu · f8818637 · 3a4dca8a · 3a4dca8a · 3a4dca8a
Commit 3a4dca8a authored Dec 20, 2016 by Stephane Glondu
11 changed files
--- a/src/lib/election.ml
+++ b/src/lib/election.ml
@@ -56,48 +56,6 @@ module MakeSimpleMonad (G : GROUP) = struct
  let cardinal () = List.length !ballots
 end

-(** Distributed key generation *)
-
-module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
-  open G
-  open M
-
-  let ( >>= ) = bind
-  let ( / ) x y = x *~ invert y
-
-  (** Fiat-Shamir non-interactive zero-knowledge proofs of
-      knowledge *)
-
-  let fs_prove gs x oracle =
-    random q >>= fun w ->
-    let commitments = Array.map (fun g -> g **~ w) gs in
-    let challenge = oracle commitments in
-    let response = Z.((w + x * challenge) mod q) in
-    return {challenge; response}
-
-  let generate_and_prove () =
-    random q >>= fun x ->
-    let trustee_public_key = g **~ x in
-    let zkp = "pok|" ^ G.to_string trustee_public_key ^ "|" in
-    fs_prove [| g |] x (G.hash zkp) >>= fun trustee_pok ->
-    return (x, {trustee_pok; trustee_public_key})
-
-  let check {trustee_pok; trustee_public_key = y} =
-    G.check y &&
-    let {challenge; response} = trustee_pok in
-    check_modulo q challenge &&
-    check_modulo q response &&
-    let commitment = g **~ response / (y **~ challenge) in
-    let zkp = "pok|" ^ G.to_string y ^ "|" in
-    Z.(challenge =% G.hash zkp [| commitment |])
-
-  let combine pks =
-    Array.fold_left (fun y {trustee_public_key; _} ->
-      y *~ trustee_public_key
-    ) G.one pks
-
-end
-
 (** Homomorphic elections *)

 module MakeElection (G : GROUP) (M : RANDOM) = struct

--- a/src/lib/election.mli
+++ b/src/lib/election.mli
@@ -51,28 +51,6 @@ module MakeSimpleMonad (G : GROUP) : sig
 end
 (** Simple election monad that keeps all ballots in memory. *)

-module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
-
-  (** This module implements a simple distributed key generation. Each
-      share is a number modulo q, and the secret key is their sum. All
-      shares are needed to decrypt, but the decryptions can be done in
-      a distributed fashion. *)
-
-  val generate_and_prove :
-    unit -> (Z.t * G.t trustee_public_key) M.t
-  (** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
-      the secret exponent, [y] contains the public key and a
-      zero-knowledge proof of knowledge of [x]. *)
-
-  val check : G.t trustee_public_key -> bool
-  (** Check a public key and its proof. *)
-
-  val combine : G.t trustee_public_key array -> G.t
-  (** Combine all public key shares into an election public key. *)
-
-end
-(** Simple distributed generation of an election public key. *)
-
 module MakeElection (G : GROUP) (M : RANDOM) :
  ELECTION with type elt = G.t and type 'a m = 'a M.t
 (** Implementation of {!Signatures.ELECTION}. *)
--- a/src/lib/lib.mllib
+++ b/src/lib/lib.mllib
@@ -6,5 +6,6 @@ Serializable_j
 Common
 Group_field
 Group
+Trustees
 Election
 Credential
--- a/src/lib/trustees.ml
+++ b/src/lib/trustees.ml
+(**************************************************************************)
+(*                                BELENIOS                                *)
+(*                                                                        *)
+(*  Copyright © 2012-2017 Inria                                           *)
+(*                                                                        *)
+(*  This program is free software: you can redistribute it and/or modify  *)
+(*  it under the terms of the GNU Affero General Public License as        *)
+(*  published by the Free Software Foundation, either version 3 of the    *)
+(*  License, or (at your option) any later version, with the additional   *)
+(*  exemption that compiling, linking, and/or using OpenSSL is allowed.   *)
+(*                                                                        *)
+(*  This program is distributed in the hope that it will be useful, but   *)
+(*  WITHOUT ANY WARRANTY; without even the implied warranty of            *)
+(*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU     *)
+(*  Affero General Public License for more details.                       *)
+(*                                                                        *)
+(*  You should have received a copy of the GNU Affero General Public      *)
+(*  License along with this program.  If not, see                         *)
+(*  <http://www.gnu.org/licenses/>.                                       *)
+(**************************************************************************)
+
+open Platform
+open Serializable_t
+open Signatures
+open Common
+
+(** Helper functions *)
+
+let check_modulo p x = Z.(geq x zero && lt x p)
+
+(** Distributed key generation *)
+
+module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
+  open G
+  open M
+
+  let ( >>= ) = bind
+  let ( / ) x y = x *~ invert y
+
+  (** Fiat-Shamir non-interactive zero-knowledge proofs of
+      knowledge *)
+
+  let fs_prove gs x oracle =
+    random q >>= fun w ->
+    let commitments = Array.map (fun g -> g **~ w) gs in
+    let challenge = oracle commitments in
+    let response = Z.((w + x * challenge) mod q) in
+    return {challenge; response}
+
+  let generate_and_prove () =
+    random q >>= fun x ->
+    let trustee_public_key = g **~ x in
+    let zkp = "pok|" ^ G.to_string trustee_public_key ^ "|" in
+    fs_prove [| g |] x (G.hash zkp) >>= fun trustee_pok ->
+    return (x, {trustee_pok; trustee_public_key})
+
+  let check {trustee_pok; trustee_public_key = y} =
+    G.check y &&
+    let {challenge; response} = trustee_pok in
+    check_modulo q challenge &&
+    check_modulo q response &&
+    let commitment = g **~ response / (y **~ challenge) in
+    let zkp = "pok|" ^ G.to_string y ^ "|" in
+    Z.(challenge =% G.hash zkp [| commitment |])
+
+  let combine pks =
+    Array.fold_left (fun y {trustee_public_key; _} ->
+      y *~ trustee_public_key
+    ) G.one pks
+
+end
--- a/src/lib/trustees.mli
+++ b/src/lib/trustees.mli
+(**************************************************************************)
+(*                                BELENIOS                                *)
+(*                                                                        *)
+(*  Copyright © 2012-2017 Inria                                           *)
+(*                                                                        *)
+(*  This program is free software: you can redistribute it and/or modify  *)
+(*  it under the terms of the GNU Affero General Public License as        *)
+(*  published by the Free Software Foundation, either version 3 of the    *)
+(*  License, or (at your option) any later version, with the additional   *)
+(*  exemption that compiling, linking, and/or using OpenSSL is allowed.   *)
+(*                                                                        *)
+(*  This program is distributed in the hope that it will be useful, but   *)
+(*  WITHOUT ANY WARRANTY; without even the implied warranty of            *)
+(*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU     *)
+(*  Affero General Public License for more details.                       *)
+(*                                                                        *)
+(*  You should have received a copy of the GNU Affero General Public      *)
+(*  License along with this program.  If not, see                         *)
+(*  <http://www.gnu.org/licenses/>.                                       *)
+(**************************************************************************)
+
+open Platform
+open Serializable_t
+open Signatures
+
+module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
+
+  (** This module implements a simple distributed key generation. Each
+      share is a number modulo q, and the secret key is their sum. All
+      shares are needed to decrypt, but the decryptions can be done in
+      a distributed fashion. *)
+
+  val generate_and_prove :
+    unit -> (Z.t * G.t trustee_public_key) M.t
+  (** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
+      the secret exponent, [y] contains the public key and a
+      zero-knowledge proof of knowledge of [x]. *)
+
+  val check : G.t trustee_public_key -> bool
+  (** Check a public key and its proof. *)
+
+  val combine : G.t trustee_public_key array -> G.t
+  (** Combine all public key shares into an election public key. *)
+
+end
+(** Simple distributed generation of an election public key. *)
--- a/src/tool/tool_election.ml
+++ b/src/tool/tool_election.ml
@@ -62,7 +62,7 @@ module Make (P : PARSED_PARAMS) : S = struct

  (* Load and check trustee keys, if present *)

-  module KG = Election.MakeSimpleDistKeyGen(G)(M);;
+  module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;

  let public_keys_with_pok =
    get_public_keys () |> option_map @@

--- a/src/tool/tool_mkelection.ml
+++ b/src/tool/tool_mkelection.ml
@@ -66,7 +66,7 @@ module Make (P : PARSED_PARAMS) : S = struct

  (* Setup trustees *)

-  module KG = Election.MakeSimpleDistKeyGen(G)(M);;
+  module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;

  let public_keys =
    match get_public_keys () with

--- a/src/tool/tool_tkeygen.ml
+++ b/src/tool/tool_tkeygen.ml
@@ -53,7 +53,7 @@ module Make (P : PARSED_PARAMS) : S = struct

  (* Generate key *)

-  module KG = Election.MakeSimpleDistKeyGen(G)(M);;
+  module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;

  type keypair = { id : string; priv : string; pub : string }


--- a/src/tool/tool_verifydiff.ml
+++ b/src/tool/tool_verifydiff.ml
@@ -101,7 +101,7 @@ let verifydiff dir1 dir2 =
  let open ED in
  let module M = Election.MakeSimpleMonad (G) in
  let module E = Election.MakeElection (G) (M) in
-  let module KG = Election.MakeSimpleDistKeyGen (G) (M) in
+  let module KG = Trustees.MakeSimpleDistKeyGen (G) (M) in
  let pks = match pks with
    | None -> raise (VerifydiffError MissingPublicKeys)
    | Some pks -> List.map (trustee_public_key_of_string G.read) pks

--- a/src/web/server.mllib
+++ b/src/web/server.mllib
@@ -6,6 +6,7 @@ Serializable_j
 Common
 Group_field
 Group
+Trustees
 Election
 Credential


--- a/src/web/web_site.ml
+++ b/src/web/web_site.ml
@@ -106,7 +106,7 @@ let finalize_election uuid se =
  (* trustees *)
  let group = Group.of_string se.se_group in
  let module G = (val group : GROUP) in
-  let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
+  let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
  let%lwt trustees, public_keys, private_key =
    match se.se_public_keys with
    | [] ->
@@ -851,7 +851,7 @@ let () =
           let t = List.find (fun x -> token = x.st_token) se.se_public_keys in
           let module G = (val Group.of_string se.se_group : GROUP) in
           let pk = trustee_public_key_of_string G.read public_key in
-           let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
+           let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
           if not (KG.check pk) then failwith "invalid public key";
           (* we keep pk as a string because of G.t *)
           t.st_public_key <- public_key;
@@ -969,7 +969,7 @@ let () =
                  let () =
                    (* check that imported keys are valid *)
                    let module G = (val Group.of_string se.se_group : GROUP) in
-                    let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
+                    let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
                    if not @@ List.for_all (fun t ->
                                  let pk = t.st_public_key in
                                  let pk = trustee_public_key_of_string G.read pk in